Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Title: Security Consultant - Mostly remote

Location: Richmond, VA, United States

Length: Long term

Restriction: W2 or C2C

Description:

** **Long term***

Local Richmond, VA candidates only please
*final round of interviews will be conducted ONSITE.
*Candidate must also be able to work onsite at least one day/week
analyze business needs, and develop appropriate technology deliverables, such as, briefs, patterns, reports, data models and hi-level risk assessments.
The Virginia Department of Transportations Information Technology Division is seeking a team member to function as a Sr. Enterprise Architect. The Architect will analyze business needs, and develop appropriate technology deliverables, such as, briefs, patterns, reports, data models and hi-level risk assessments to meet them.

The Architect will also assist in issue resolution, operationalizing architecture practices, creating and socializing architecture artifacts, such as, standards and guidelines, control processes etc. This position will also assist in extending the scope of ITD Governance, Security Architecture and process Improvement.

Responsibilities:
Documents processes and script narratives/executive summaries.
Create Business focused documentation for circulation among readers with various technical understanding.
Share insight of Security Architecture and IT Governance approaches and implementation methodologies
Research and provide written guidance on alignment with security policies/standards.
Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and exception documentation.
Collaborate with Business areas and cross- functional Enterprise Architects to fully understand business needs and provide strategic consultation on data security and risk-averse implementation.

Partner with architects, other technical team members and to develop roadmaps and strategies to support agency KPIs
Design/Implement Enterprise Security/technology Patterns
Consult with teams as needed on initiatives and provide tactical direction as well as provide architecture considerations on legacy solutions
Research and share finding of architecture governance, controls, and peer review processed with regards to platform technology, security, and cloud.

Manage Security Artifacts in SharePoint Online.

Qualifications:
Experience in industry or state information security and IT risk management with a focus on security, performance, and reliability.
Significant performing reviews of proposed changes and projects as it pertains to the alignment of applicable state and/or federal security standards/regulations.
Significant experience in the development, utilizing, and presentation of information security architecture policies, standards and procedures.
Experience with Information Security Frameworks like NIST-800 series and Cybersecurity Framework, COBIT
Experience in monitoring IT environments for compliance with information security architecture policies and standards.
Substantial technical experience in 2 or more: Cloud-based technologies, Identity & Access Management, Vulnerability Management, firewalls, computer forensic techniques, databases, collaboration tools, web & mail services.
Ability to provide input and security direction for future designs, information security capabilities, and strategic technology alternatives.
Excellent written and oral communication and presentation skills (possessing the ability to breakdown complex technical terms into everyday language).
Demonstrated ability to work with broad cross-section of personal including all levels of management and external entities such as VITA consultants and service providers to explain and security measures and collaborate and disseminate security related information in partnership with the Office of Information Security.
Work experience in a fast-paced environment and acquire new skills/knowledge to meet customer needs.
Thorough understanding of customers priorities and the business criticality of platforms, applications and services.